Set Up an L2TP/IPSEC VPN On Your Ubiquiti EdgeRouter

The planned follow-up to the Ubiquiti UniFi AP deployment/RaspberryPi controller post about running an ELK stack on the controller is on hold; there are no preexisting binaries for the ARM platform and a successful compile from source has eluded me so far. So instead we’re going to walk through setting up an L2TP/IPSEC VPN on Ubiquiti’s EdgeRouter line of routers. Ubiquiti has a good guide here that will get you 90% of the way there, but it is missing a few key pieces of info.

Now be sure to commit the changes and save them so they’ll persist across reboots. We’ll make use of commit-confirm for this just in case things blow up; if the commit isn’t confirmed by issuing a second commit command within 10 minutes, the system will roll back to the previous active configuration. A very handy feature, especially when making configuration changes remotely.

commit-confirm

commit

save

exit

You should now be able to initiate L2TP/IPSEC VPN connections from inside and outside your LAN utilizing your WAN IP address. To check active sessions run this command at the CLI – show vpn remote-access.